Subversion Repositories ALCASAR

<?php

<?php

#

#

# intercept.php for ALCASAR captive portal

# intercept.php for ALCASAR captive portal

# Copyright (C) 2003, 2004 Mondru AB.

# Copyright (C) 2003, 2004 Mondru AB.

# Modify by REXY & steweb57

# Modify by REXY & steweb57

# UI & css style by stephane ERARD

# UI & css style by stephane ERARD

}

}

while (!feof($file_conf)) {

while (!feof($file_conf)) {

	$buffer = fgets($file_conf, 4096);

	$buffer = fgets($file_conf, 4096);

	if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {

	if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {

		$tmp = explode('=', $buffer);

		$tmp = explode('=', $buffer);

	}

	}

}

}

fclose($file_conf);

fclose($file_conf);

$organisme = $conf["ORGANISM"];

$organisme = $conf["ORGANISM"];

// Check if the SMS service is enable

// Check if the SMS service is enable

$service_SMS_status = false;

$service_SMS_status = false;

// Our own path

// Our own path

$loginpath   = htmlspecialchars($_SERVER['PHP_SELF']);

$loginpath   = htmlspecialchars($_SERVER['PHP_SELF']);

$statuspath  = $alcasarpath.'/status.php';

$statuspath  = $alcasarpath.'/status.php';

// Choice of language

// Choice of language

$Language = 'en';

$Language = 'en';

if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {

if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {

	$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);

	$Langue = explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);

}

}

if ($Language === 'es') {		// Spanish

if ($Language === 'es') {		// Spanish

	$l_ChilliError			= "La autenticación debe ser un éxito a través del servicio de portal cautivo.";

	$l_ChilliError			= "La autenticación debe ser un éxito a través del servicio de portal cautivo.";

	$l_login			= "El éxito de la autenticación.<HR>Cierre esta ventana interrumpte la sesion.";

	$l_login			= "El éxito de la autenticación.<HR>Cierre esta ventana interrumpte la sesion.";

	$l_logout			= "Conexión de cierre";

	$l_logout			= "Conexión de cierre";

	$l_loggedin_stringl1		= "Information System Security";

	$l_loggedin_stringl1		= "Information System Security";

	$l_loggedin_stringl2		= "El portal fue creado reglamentos para garantizar la trazabilidad, la rendición de cuentas y el no repudio de las conexiones.";

	$l_loggedin_stringl2		= "El portal fue creado reglamentos para garantizar la trazabilidad, la rendición de cuentas y el no repudio de las conexiones.";

	$l_loggedin_stringl3		= "Su actividad en la red es registrada, de conformidad con la privacidad.";

	$l_loggedin_stringl3		= "Su actividad en la red es registrada, de conformidad con la privacidad.";

	$l_loggedin_stringl4		= "Los datos registrados pueden ser capaces de ser operado por una autoridad judicial en el curso de una investigación.";

	$l_loggedin_stringl4		= "Los datos registrados pueden ser capaces de ser operado por una autoridad judicial en el curso de una investigación.";

	$l_loggedin_stringl5		= "Estos datos se eliminan automáticamente después de un año.";

	$l_loggedin_stringl5		= "Estos datos se eliminan automáticamente después de un año.";

	$l_loggedout_string		= "Cerrar sesión hizo portal cautivo!";

	$l_loggedout_string		= "Cerrar sesión hizo portal cautivo!";

	$l_reply_1			= "Your daily connexion time has been reached";

	$l_reply_1			= "Your daily connexion time has been reached";

	$l_reply_2			= "Your monthly connexion time has been reached";

	$l_reply_2			= "Your monthly connexion time has been reached";

	$l_reply_3			= "You try to connect outside of your allowed timespan";

	$l_reply_3			= "You try to connect outside of your allowed timespan";

	$l_reply_4			= "your account expired";

	$l_reply_4			= "your account expired";

	$l_loggedin_stringl1		= "Sistema de Informação e segurança";

	$l_loggedin_stringl1		= "Sistema de Informação e segurança";

	$l_loggedin_stringl2		= "Este controle foi criado para garantir acesso seguro.";

	$l_loggedin_stringl2		= "Este controle foi criado para garantir acesso seguro.";

	$l_loggedin_stringl3		= "A autenticação será criptografada em 256 bits, impedindo captura por escâner de rede.";

	$l_loggedin_stringl3		= "A autenticação será criptografada em 256 bits, impedindo captura por escâner de rede.";

	$l_loggedin_stringl4		= "Sua atividade na Internet será resguardada de acordo com os regulamentos da lei.";

	$l_loggedin_stringl4		= "Sua atividade na Internet será resguardada de acordo com os regulamentos da lei.";

	$l_loggedin_stringl5		= "Mantenha o popup da conexão minimizado para não interromper a cessão.";

	$l_loggedin_stringl5		= "Mantenha o popup da conexão minimizado para não interromper a cessão.";

	$l_loggedout_string		= "desconexão do portal cativo";

	$l_loggedout_string		= "desconexão do portal cativo";

	$l_reply_1			= "Seu tempo de conexão diária foi finalizado";

	$l_reply_1			= "Seu tempo de conexão diária foi finalizado";

	$l_reply_2			= "Seu tempo de conexão mensal foi finalizado";

	$l_reply_2			= "Seu tempo de conexão mensal foi finalizado";

	$l_reply_3			= "Você tenta conectar-se fora do seu período de tempo permitido";

	$l_reply_3			= "Você tenta conectar-se fora do seu período de tempo permitido";

	$l_reply_4			= "Sua conta expirou";

	$l_reply_4			= "Sua conta expirou";

	$l_loggedin_stringl1		= "信息系统安全";

	$l_loggedin_stringl1		= "信息系统安全";

	$l_loggedin_stringl2		= "这种控制实施以法定保证可追溯性，可归罪性和连接的不否认性.";

	$l_loggedin_stringl2		= "这种控制实施以法定保证可追溯性，可归罪性和连接的不否认性.";

	$l_loggedin_stringl3		= "您的网络活动是私密登记的.";

	$l_loggedin_stringl3		= "您的网络活动是私密登记的.";

	$l_loggedin_stringl4		= "记录的数据能被司法机关在调查中操作使用.";

	$l_loggedin_stringl4		= "记录的数据能被司法机关在调查中操作使用.";

	$l_loggedin_stringl5		= "这些数据将在一年后自动删除.";

	$l_loggedin_stringl5		= "这些数据将在一年后自动删除.";

	$l_loggedout_string		= "强制网络门户连接已断开";

	$l_loggedout_string		= "强制网络门户连接已断开";

	$l_reply_1			= "您已经达到每日连接时间";

	$l_reply_1			= "您已经达到每日连接时间";

	$l_reply_2			= "您已经达到每月连接时间";

	$l_reply_2			= "您已经达到每月连接时间";

	$l_reply_3			= "您尝试在授权时间以外连接";

	$l_reply_3			= "您尝试在授权时间以外连接";

	$l_reply_4			= "您的账号已过期";

	$l_reply_4			= "您的账号已过期";

	$l_loggedin_stringl1		= "سلامة نظم المعلومات";

	$l_loggedin_stringl1		= "سلامة نظم المعلومات";

	$l_loggedin_stringl2		= "وُضعت هذه المراقبة للضمان القانوني لتتبع ومساءلة وعدم تنصل الإتصالات";

	$l_loggedin_stringl2		= "وُضعت هذه المراقبة للضمان القانوني لتتبع ومساءلة وعدم تنصل الإتصالات";

	$l_loggedin_stringl3		= "نشاطك على الشبكة مسجل وفقاً لاحترام الحريات الشخصية";

	$l_loggedin_stringl3		= "نشاطك على الشبكة مسجل وفقاً لاحترام الحريات الشخصية";

	$l_loggedin_stringl4		= "لا يمكن استغلال البيانات المسجلة إلاّ من قِبل سلطات التحقيق القضائ";

	$l_loggedin_stringl4		= "لا يمكن استغلال البيانات المسجلة إلاّ من قِبل سلطات التحقيق القضائ";

	$l_loggedin_stringl5		= "سيتم حدف هذه البيانات تلقائياً بعد سنة من الْيَوْمَ";

	$l_loggedin_stringl5		= "سيتم حدف هذه البيانات تلقائياً بعد سنة من الْيَوْمَ";

	$l_loggedout_string		= "تَمّ قطع الإتصال بالبوابة الأسيرة";

	$l_loggedout_string		= "تَمّ قطع الإتصال بالبوابة الأسيرة";

	$l_reply_1			= "انتهى وقتك اليومي للإتصال";

	$l_reply_1			= "انتهى وقتك اليومي للإتصال";

	$l_reply_2			= "انتهى وقتك الشهري للإتصال";

	$l_reply_2			= "انتهى وقتك الشهري للإتصال";

	$l_reply_3			= "محاولة اتصال خارج فترتك المأذونة";

	$l_reply_3			= "محاولة اتصال خارج فترتك المأذونة";

	$l_reply_4			= "انتهت مدة صلاحية حسابك";

	$l_reply_4			= "انتهت مدة صلاحية حسابك";

	$l_loggedin_stringl1		= "Information System Security";

	$l_loggedin_stringl1		= "Information System Security";

	$l_loggedin_stringl2		= "Dieses Portal wurde eingerichtet, um ordnungsgemäß die Rückverfolgbarkeit, der Zurechenbarkeit und der Nicht-Anerkennung der Verbindungen.";

	$l_loggedin_stringl2		= "Dieses Portal wurde eingerichtet, um ordnungsgemäß die Rückverfolgbarkeit, der Zurechenbarkeit und der Nicht-Anerkennung der Verbindungen.";

	$l_loggedin_stringl3		= "Ihre Tätigkeit im Netzwerk registriert ist nach Schutz der Privatsphäre.";

	$l_loggedin_stringl3		= "Ihre Tätigkeit im Netzwerk registriert ist nach Schutz der Privatsphäre.";

	$l_loggedin_stringl4		= "Die gespeicherten Daten nicht pouront genutzt werden, dass von einer Justizbehörde im Rahmen einer Untersuchung.";

	$l_loggedin_stringl4		= "Die gespeicherten Daten nicht pouront genutzt werden, dass von einer Justizbehörde im Rahmen einer Untersuchung.";

	$l_loggedin_stringl5		= "Diese Daten werden automatisch gelöscht nach einem Jahr.";

	$l_loggedin_stringl5		= "Diese Daten werden automatisch gelöscht nach einem Jahr.";

	$l_loggedout_string		= "Trennung des Portals erfolgt Gefangener!";

	$l_loggedout_string		= "Trennung des Portals erfolgt Gefangener!";

	$l_reply_1			= "Your daily connexion time has been reached";

	$l_reply_1			= "Your daily connexion time has been reached";

	$l_reply_2			= "Your monthly connexion time has been reached";

	$l_reply_2			= "Your monthly connexion time has been reached";

	$l_reply_3			= "You try to connect outside of your allowed timespan";

	$l_reply_3			= "You try to connect outside of your allowed timespan";

	$l_reply_4			= "your account expired";

	$l_reply_4			= "your account expired";

	$l_loggedin_stringl1		= "Information System Security";

	$l_loggedin_stringl1		= "Information System Security";

	$l_loggedin_stringl2		= "Het portaal werd opgericht verordeningen om de traceerbaarheid, verantwoordelijkheid en onloochenbaarheid van de verbindingen.";

	$l_loggedin_stringl2		= "Het portaal werd opgericht verordeningen om de traceerbaarheid, verantwoordelijkheid en onloochenbaarheid van de verbindingen.";

	$l_loggedin_stringl3		= "Uw activiteit op het netwerk is geregistreerd in overeenstemming met de persoonlijke levenssfeer.";

	$l_loggedin_stringl3		= "Uw activiteit op het netwerk is geregistreerd in overeenstemming met de persoonlijke levenssfeer.";

	$l_loggedin_stringl4		= "De geregistreerde gegevens kunnen worden kunnen worden bediend door een rechterlijke instantie in de loop van een onderzoek.";

	$l_loggedin_stringl4		= "De geregistreerde gegevens kunnen worden kunnen worden bediend door een rechterlijke instantie in de loop van een onderzoek.";

	$l_loggedin_stringl5		= "Deze gegevens worden automatisch verwijderd na een jaar.";

	$l_loggedin_stringl5		= "Deze gegevens worden automatisch verwijderd na een jaar.";

	$l_loggedout_string		= "Logout gemaakt intern portaal!";

	$l_loggedout_string		= "Logout gemaakt intern portaal!";

	$l_reply_1 			= "Your daily connexion time has been reached";

	$l_reply_1 			= "Your daily connexion time has been reached";

	$l_reply_2			= "Your monthly connexion time has been reached";

	$l_reply_2			= "Your monthly connexion time has been reached";

	$l_reply_3			= "You try to connect outside of your allowed timespan";

	$l_reply_3			= "You try to connect outside of your allowed timespan";

	$l_reply_4			= "your account expired";

	$l_reply_4			= "your account expired";

	$l_loggedin_stringl1		= "Sécurité des Systèmes d'Information";

	$l_loggedin_stringl1		= "Sécurité des Systèmes d'Information";

	$l_loggedin_stringl2		= "Ce contrôle a été mis en place pour assurer réglementairement la traçabilité, l'imputabilité et la non-répudiation des connexions.";

	$l_loggedin_stringl2		= "Ce contrôle a été mis en place pour assurer réglementairement la traçabilité, l'imputabilité et la non-répudiation des connexions.";

	$l_loggedin_stringl3		= "Votre activité sur le réseau est enregistrée conformément au respect de la vie privée.";

	$l_loggedin_stringl3		= "Votre activité sur le réseau est enregistrée conformément au respect de la vie privée.";

	$l_loggedin_stringl4		= "Les données enregistrées ne pourront être exploitées que par une autorité judiciaire dans le cadre d'une enquête.";

	$l_loggedin_stringl4		= "Les données enregistrées ne pourront être exploitées que par une autorité judiciaire dans le cadre d'une enquête.";

	$l_loggedin_stringl5		= "Ces données seront automatiquement supprimées au bout d'un an.";

	$l_loggedin_stringl5		= "Ces données seront automatiquement supprimées au bout d'un an.";

	$l_loggedout_string		= "Déconnexion du portail captif effectuée !";

	$l_loggedout_string		= "Déconnexion du portail captif effectuée !";

	$l_reply_1			= "Votre durée de connexion journalière a été atteinte";

	$l_reply_1			= "Votre durée de connexion journalière a été atteinte";

	$l_reply_2			= "Votre durée de connexion mensuelle a été atteinte";

	$l_reply_2			= "Votre durée de connexion mensuelle a été atteinte";

	$l_reply_3			= "Vous tentez de vous connecter en dehors de votre période autorisée";

	$l_reply_3			= "Vous tentez de vous connecter en dehors de votre période autorisée";

	$l_reply_4			= "Votre compte a expiré";

	$l_reply_4			= "Votre compte a expiré";

	$l_loggedin_stringl1		= "Information System Security";

	$l_loggedin_stringl1		= "Information System Security";

	$l_loggedin_stringl2		= "That control was set up regulations to ensure traceability, accountability and non-repudiation of connections.";

	$l_loggedin_stringl2		= "That control was set up regulations to ensure traceability, accountability and non-repudiation of connections.";

	$l_loggedin_stringl3		= "Your activity on the network is registered in accordance with privacy.";

	$l_loggedin_stringl3		= "Your activity on the network is registered in accordance with privacy.";

	$l_loggedin_stringl4		= "The recorded data can be able to be operated by a judicial authority in the course of an investigation.";

	$l_loggedin_stringl4		= "The recorded data can be able to be operated by a judicial authority in the course of an investigation.";

	$l_loggedin_stringl5		= "These data will be automatically deleted after one year.";

	$l_loggedin_stringl5		= "These data will be automatically deleted after one year.";

	$l_loggedout_string		= "Disconnection of the captive portal made";

	$l_loggedout_string		= "Disconnection of the captive portal made";

	$l_reply_1			= "Your daily connexion time has been reached";

	$l_reply_1			= "Your daily connexion time has been reached";

	$l_reply_2			= "Your monthly connexion time has been reached";

	$l_reply_2			= "Your monthly connexion time has been reached";

	$l_reply_3			= "You try to connect outside of your allowed timespan";

	$l_reply_3			= "You try to connect outside of your allowed timespan";

	$l_reply_4			= "your account expired";

	$l_reply_4			= "your account expired";

# Read form parameters which we care about

# Read form parameters which we care about

# avoid the "user as a MAC address" attempts

# avoid the "user as a MAC address" attempts

if ((isset($_POST['UserName'])) && (preg_match('/^([0-9A-F]{2}-){5}[0-9A-F]{2}$/', $_POST['UserName']) !== 1))

if ((isset($_POST['UserName'])) && (preg_match('/^([0-9A-F]{2}-){5}[0-9A-F]{2}$/', $_POST['UserName']) !== 1))

				$username	= htmlspecialchars($_POST['UserName']);		else $username = '';

				$username	= htmlspecialchars($_POST['UserName']);		else $username = '';

if (isset($_POST['Password']))	$password	= htmlspecialchars($_POST['Password']);		else $password = '';

if (isset($_POST['Password']))	$password	= htmlspecialchars($_POST['Password']);		else $password = '';

if (isset($_POST['button']))	$button		= htmlspecialchars($_POST['button']);		else $button = '';

if (isset($_POST['button']))	$button		= htmlspecialchars($_POST['button']);		else $button = '';

// if (isset($_POST['logout']))	$logout		= htmlspecialchars($_POST['logout']);		else $logout = '';

// if (isset($_POST['logout']))	$logout		= htmlspecialchars($_POST['logout']);		else $logout = '';

// if (isset($_POST['prelogin']))	$prelogin	= htmlspecialchars($_POST['prelogin']);		else $prelogin = '';

// if (isset($_POST['prelogin']))	$prelogin	= htmlspecialchars($_POST['prelogin']);		else $prelogin = '';

if (isset($_POST['res']))	$res		= htmlspecialchars($_POST['res']);		else $res = '';

if (isset($_POST['res']))	$res		= htmlspecialchars($_POST['res']);		else $res = '';

if (isset($_POST['uamip']))	$uamip		= htmlspecialchars($_POST['uamip']);		else $uamip = '';

if (isset($_POST['uamip']))	$uamip		= htmlspecialchars($_POST['uamip']);		else $uamip = '';

				$filter_id = $row['value']; // on obtient le Filter-Id de l'utilisateur

				$filter_id = $row['value']; // on obtient le Filter-Id de l'utilisateur

				if($filter_id[3] === '1') {

				if($filter_id[3] === '1') {

					//set the fourth bit of filter-id to '0'

					//set the fourth bit of filter-id to '0'

					$sql = "set @CurrentFilter=(SELECT value from radreply where username='$user_uid');set @CurrentFilterLeft=(SELECT LEFT(@CurrentFilter,3));set @CurrentFilterRight=(SELECT RIGHT(@CurrentFilter,4));UPDATE radreply SET value = CONCAT((@CurrentFilterLeft),'0', (@CurrentFilterRight)) WHERE username='$user_uid'";

					$sql = "set @CurrentFilter=(SELECT value from radreply where username='$user_uid');set @CurrentFilterLeft=(SELECT LEFT(@CurrentFilter,3));set @CurrentFilterRight=(SELECT RIGHT(@CurrentFilter,4));UPDATE radreply SET value = CONCAT((@CurrentFilterLeft),'0', (@CurrentFilterRight)) WHERE username='$user_uid'";

					$res = mysqli_multi_query($link,$sql);

					$res = mysqli_multi_query($link,$sql);

					exit();

					exit();

				}

				}

			}

			}

		}

		}

	}

	}